Rapid7 Sponsors Androguard and Cuckoo Sandbox in the First Round of the …

BOSTON–(BUSINESS WIRE)–Rapid7, the leading provider of security risk intelligence solutions,
today announced that it will be sponsoring open source projects
Androguard and Cuckoo Sandbox throughout the year. This is the first
stage in the Magnificent7 Program, an initiative created to fuel the
success of seven bleeding edge open source projects and backed by a fund
of $100,000. Participants can benefit from both financial support and
access to technical, business and marketing expertise and mentors.

“The vision of Cuckoo Sandbox is to provide an open source and
customizable means of analyzing malware in a safe environment”

Androguard and Cuckoo Sandbox’s vision and active community of
contributors and users enabled them to stand out from the other
entrants. The projects were selected for the first round of Magnificent7
sponsorships due to their innovative approach to traditional and
mobile-based malware analysis. According to the recent Verizon Breach
Report1, malware was involved in 69% of breaches in 2011,
making its mitigation a huge priority for security professionals.

“The open source community plays a vital role in the creation of
innovative solutions to address the increasingly complex security
challenge we all face,” said HD Moore, chief security officer of Rapid7
and chief architect of the Metasploit open source project. “Projects
like Androguard and Cuckoo Sandbox are using cutting edge technologies
to solve once unsolvable problems. With the backing of Rapid7, they will
now have the financial, marketing and technical resources available to
continue to deliver solutions that address real, critical problems.”

The open source projects being supported in the first round of Rapid7’s
Magnificent7 program are:

Androguard

Androguard, the work of Anthony Desnos and Geoffroy Gueguen, is an
advanced tool for the analysis of mobile malware that attacks Android
platforms or as Desnos likes to describe it, “a native decompiler of
Android applications.” Androguard employs a specialized static
environment for analysis via the Google Summer of Code-sponsored
DroidBox, for which Desnos was a mentor. With the help of the
Magnificent7 Program, the Androguard team plans to solidify the reverse
engineering sessions, including the integration and amelioration of
DroidBox, as well as supporting ARM libraries for analysis. In addition,
they aim to create a Graphical User Interface to enhance the user
experience.

“Mobile malware is a rapidly growing problem and we’re developing
Androguard to help defend the most attacked mobile operating system by
pulling, analyzing and mitigating Android malware,’ said Anthony Desnos,
core developer of Androguard. “Working with Rapid7 not only gives us the
financial support we need to meet our next round of key developments, it
also gives us access to great technical resources to help us develop our
vision and strategy for the product.”

Cuckoo Sandbox

Cuckoo Sandbox is an application that provides a virtual sandbox for the
automatic analysis of malware specimens. Originally developed by Claudio
Guarnieri for the Google Summer of Code, the project became so popular
it is now a mainstay of the Honeynet Project, a leading international
research institution with a special focus on malware. The platform
allows for the automatic capture and advanced analysis of dangerous
strains of malware in a contained environment. Working with Rapid7 will
enable Cuckoo Sandbox to increase its ability to adapt to the user’s
needs through configurable modules, as well as extending the
virtualization capabilities, which include self-protection from the
malware specimens.

“The vision of Cuckoo Sandbox is to provide an open source and
customizable means of analyzing malware in a safe environment,” said
Claudio Guarnieri, creator of Cuckoo Sandbox. “Giving the masses an
opportunity to dive deep into what kinds of malware are attacking their
systems will raise the bar on network security. The Magnificent7 Program
will help us develop our marketing and awareness strategies to reach a
broader audience and create a more iterative feedback program with our
customers. This will help us build the functionality on the technical
side to truly address our customers’ needs.”

Rapid7 is the leading provider of security risk intelligence solutions.
Rapid7’s integrated vulnerability
management and penetration
testing products, Nexpose and Metasploit, empower organizations to
obtain accurate, actionable and contextual intelligence into their
threat and risk posture. Rapid7’s solutions are being used by more than
1,700 enterprises and government agencies in more than 65 countries
worldwide, while the Company’s free products are downloaded more than
one million times per year and enhanced further by over 125,000 security
community users and contributors. Rapid7 has been recognized as one of
the fastest growing security companies by Inc. Magazine and as a “Top
Place to Work” by the Boston Globe. The Company is backed by Bain
Capital Ventures and Technology Crossover Ventures. For more information
about Rapid7, please visit http://www.rapid7.com.